Change the FQDN of the RPort server

Learn how to use your own name instead of the random *.user.rport.io hostname

Create your DNS record

If you want to change the FQDN of a RPort server installed via the cloud-installer the first step is to create a DNS A Record that points to the IP address of your virtual machine. Do not use a CNAME record pointing to the *.users.rport.io FQDN.

We will use rport-server.tinyserver.net as an example.

Login to the console of your rport-server and verify your DNS record has been set up properly. Execute the following two commands. Both must print the same IP address – the IP address of the RPort server.

# dig +short <NEW_FQDN>
dig +short rport-server.tinyserver.net
wget -qO - 'https://api.ipify.org?format=text'

Generate new SSL certificates

If you have certificates for the new FQDN, you can skip this step.

Stop the RPort server first. To generate new free certificates via Let's Encrypt execute the following commands.

#FQDN=<YOUR_FQDN>
systemctl stop rportd
FQDN=rport-server.tinyserver.net
# Generate
certbot certonly -d $FQDN -n \
--agree-tos --standalone \
--register-unsafely-without-email
# Change group ownerships so rport can read the files
chgrp rport /etc/letsencrypt/archive/
chmod g+rx /etc/letsencrypt/archive/
chgrp rport /etc/letsencrypt/live/
chmod g+rx /etc/letsencrypt/live/
chgrp rport /etc/letsencrypt/archive/$FQDN/
chmod g+rx /etc/letsencrypt/archive/$FQDN/
chgrp rport /etc/letsencrypt/archive/$FQDN/privkey1.pem
chmod g+rx /etc/letsencrypt/archive/$FQDN/privkey1.pem
chgrp rport /etc/letsencrypt/live/$FQDN/
ls -l /etc/letsencrypt/live/$FQDN/

Change the rportd configuration

With the new certificates generated, or with your own certificates, open the configuration file /etc/rport/rportd.conf with an editor. Scroll down to the lines where certificates are configured. Change it as shown.

Before (with random *users.rport.io FQDN)

cert_file = "/etc/letsencrypt/live/14apzztqs96l.users.rport.io/fullchain.pem"
key_file = "/etc/letsencrypt/live/14apzztqs96l.users.rport.io/privkey.pem"

After (example with your FQDN)

cert_file = "/etc/letsencrypt/live/rport-server.tinyserver.net/fullchain.pem"
key_file = "/etc/letsencrypt/live/rport-server.tinyserver.net/privkey.pem"
Change the path to the new certificates.

Finally, start the rport server again with systemctl start rportd. Type in the new https://<NEW_FQDN> into your browser and check.

Don't be frightened if clienst appear disconnected. Because the rport server has beend stopped for a while it takes some time to reconned. But trrust, they will all reconnect.